Last updated: 24 May, 2025

Last updated: 24 May, 2025

Privacy Policy

Privacy Policy

This Privacy Policy (“Policy”) explains how Origin Studio Co (“we,” “us,” or “our”) collects, uses, and shares personal data (also referred to as personal information) of individuals outside our organization. This includes, but is not limited to, job applicants, customers, prospective customers, affiliates, website visitors, service providers, and their respective representatives (collectively referred to as “you” or “your”).

For clarity, this Policy does not apply to personal data collected by our customers through their use of Origin Studio Co’s services to develop or operate their own websites, applications, databases, or other digital solutions (“Customer Applications”). In such cases, the customer is the Data Controller, and Origin Studio Co acts solely as a Data Processor in accordance with our Data Processing Agreement (DPA).

For information regarding how personal data is handled in connection with a specific Customer Application, please contact the relevant customer or application operator directly.


1. Definitions

1.1 Customer Applications

Websites, applications, databases, or other digital solutions developed or operated by Origin Studio Co's customers using our services.

1.2 Data Controller

The entity that determines the purposes and means of processing personal data. For data collected through Customer Applications, the customer acts as the Data Controller.

1.3 Data Processor

The entity that processes personal data on behalf of the Data Controller. Origin Studio Co acts as a Data Processor for Customer Applications, processing data in accordance with the Data Processing Agreement (DPA).

1.4 Data Processing Agreement (DPA)

A contractual agreement between Origin Studio Co and its customers that outlines the terms and conditions under which personal data is processed by the Company on behalf of the customer.


2. Personal Data Collection

We collect and use your personal information solely to provide access to and maintain the Origin Studio Co application, and to communicate with you regarding our services. If you choose to upload any documents or information to our platform, we treat the privacy and confidentiality of that content with the utmost care.

We do not share your personal information with third parties without your consent, except in the following circumstances:

  • To fulfill a specific request you have made;

  • Where necessary to enforce our Terms of Service or comply with legal obligations;

  • To detect, prevent, or address fraud, security, or technical issues;

  • To protect the rights, property, or safety of Origin Studio Co, our users, or others.

2.1 Personal Data You Provide to Us

When you use our services, we may ask you to provide certain personally identifiable information, including:

  • Basic User Information: Name, email address, phone number, and social media avatars.

  • Company Information: Professional affiliation and related details.

  • Communication Data: Any information provided when creating an account or requesting support.

2.2 Payment Information

Origin Studio Co does not collect or store financial information, such as credit card numbers. All transactions are securely handled by our third-party provider, Mollie. Please refer to Stripe’s Privacy Policy for details on their data handling.

2.3 Sensitive Personal Data

We ask that you do not submit sensitive personal information (e.g., Social Security numbers, health data, racial origin, religious beliefs, or sexual orientation). Origin Studio Co does not intentionally collect such data and reserves the right to delete it if submitted.

2.4 Personal Data Collected Automatically

We automatically collect technical and usage information, including:

  • Browser type and version;

  • Device identifiers and IP addresses;

  • Access dates, times, and usage duration;

  • Debugging data and usage statistics.

2.5 Information from Third Parties

We may collect information from publicly available sources and platforms such as LinkedIn, Dribbble, or X (formerly Twitter), where permitted by law.

2.6 Access to Your Content

In limited circumstances, Origin Studio Co may access your hosted content to respond to support inquiries, resolve security vulnerabilities, or enforce our Terms of Service, subject to strict internal access controls.


3. Use of Collected Information

For individuals in the European Economic Area (EEA), our processing is justified on the following legal bases:

  1. Contractual Necessity: To perform our agreement with you.

  2. Legal Obligation: To comply with relevant laws.

  3. Legitimate Interest: To improve our services, ensure security, and manage risk, provided these interests are not overridden by your privacy rights.

  4. Consent: Where you have explicitly granted permission.

We do not sell, rent, or lease your personal data to third parties.


4. Security

Protecting your information is a priority. We implement appropriate technical and organizational measures, including Transport Layer Security (TLS) encryption for all network communications.

While we take commercially reasonable steps to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security and are not liable for unauthorized access beyond our reasonable control.

4.1 Personal Information Breach Notification

If a security breach occurs that is likely to result in a risk to your rights, Origin Studio Co will notify the competent supervisory authority without undue delay (generally within 72 hours) and inform affected individuals as required by law.


5. Retention of Data

We generally retain personal information for no longer than one year, unless you request earlier deletion or a longer period is required to:

  • Comply with legal, tax, or accounting obligations;

  • Defend legal claims or respond to regulatory requirements.


6. Minors

Our Services are not intended for individuals under the age of 18. We do not knowingly collect information from children. If we discover such data has been inadvertently collected, we will take immediate steps to delete it.


7. GDPR / EU Rights

Under the GDPR, you have the following rights:

  • Right of Access: Obtain a copy of your data and processing details.

  • Right to Rectification: Correct inaccurate or incomplete data.

  • Right to Erasure: Request deletion ("Right to be Forgotten").

  • Right to Restrict Processing: Limit how we use your data.

  • Right to Data Portability: Receive your data in a machine-readable format.

  • Right to Object/Withdraw Consent: Stop processing based on consent or legitimate interest.

To exercise these rights, contact us at legal@originstudio.nl In the Netherlands, the relevant authority is the Autoriteit Persoongegevens.


8. Third-Party Links

Our Services may contain links to third-party sites. We do not control these sites and are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party service you visit.

This Privacy Policy (“Policy”) explains how EVCloud (“we,” “us,” or “our”) collects, uses, and shares personal data (also referred to as personal information) of individuals outside our organization. This includes, but is not limited to, job applicants, customers, prospective customers, affiliates, website visitors, service providers, and their respective representatives (collectively referred to as “you” or “your”).


For clarity, this Policy does not apply to personal data collected by our customers through their use of EVCloud’s services to develop or operate their own websites, applications, databases, or other digital solutions (“Customer Applications”). In such cases, the customer is the data controller, and EVCloud acts solely as a data processor in accordance with our Data Processing Agreement (DPA).


For information regarding how personal data is handled in connection with a specific Customer Application, please contact the relevant customer or application operator directly.



1. Definitions


1.1 Customer Applications

Websites, applications, databases, or other digital solutions developed or operated by EVCloud's customers using EVCloud’s services.


1.2 Data Controller

The entity that determines the purposes and means of processing personal data. For data collected through Customer Applications, the customer acts as the data controller.


1.3 Data Processor

The entity that processes personal data on behalf of the data controller. EVCloud acts as a data processor for Customer Applications, processing data in accordance with the Data Processing Agreement (DPA).


1.4 Data Processing Agreement (DPA).

A contractual agreement between EVCloud and its customers that outlines the terms and conditions under which personal data is processed by EVCloud on behalf of the customer.



2. Personal data collection


We collect and use your personal information solely to provide access to and maintain the EVCloud application, and to communicate with you regarding our services.

If you choose to upload any documents or information to the EVCloud application, we treat the privacy and confidentiality of that content with the utmost care.

We do not share your personal information with third parties without your consent, except in the following circumstances:

  1. To fulfill a request you have made;

  2. Where necessary to enforce our Terms of Service, or to comply with applicable laws or legal obligations;

  3. To detect, prevent, or address fraud, security, or technical issues;

  4. To protect the rights, property, or safety of EVCloud, our users, or others.


As part of our standard business operations—including providing services to you, managing your account, and complying with applicable laws and regulations—we may collect and process your personal information. We will only use your information for the purposes described in this Privacy Statement and not for any unrelated purposes without your explicit consent.


2.1 Personal data you provide to us

When you use our services, we may ask you to provide certain personally identifiable information that can be used to contact or identify you. This may include, but is not limited to:

  • Basic user information, such as your name, email address, phone number, photograph, and social media avatar;

  • Company-related information; and

  • Any other information you choose to provide when creating an account, requesting support, or otherwise communicating with EVCloud.


2.2 Payment Information

EVCloud does not collect or process any financial information, such as credit card numbers, expiration dates, or security codes. All payment transactions are securely handled by our third-party payment provider, Stripe, Inc. For details on how Stripe handles your payment information, please refer to their Privacy Policy.


2.3 Sensitive Personal Data

We ask that you do not submit any sensitive personal information when using our services, communicating with us, or applying for a position at EVCloud. This includes, but is not limited to:

  • Social Security numbers or national ID numbers;

  • Health or medical data;

  • Racial or ethnic origin;

  • Political opinions;

  • Religious or philosophical beliefs;

  • Trade union membership;

  • Sexual orientation or sex life information.


EVCloud does not intentionally collect or process sensitive personal data and reserves the right to delete such data if submitted.


2.4 Personal data we collect automatically (service use)

Log Information. We automatically collect certain technical and usage information when you use our services. This may include details such as:

  • Browser type and version;

  • Device and machine identifiers;

  • Access dates and times;

  • Usage duration and frequency;

  • Application launches and pages viewed;

  • IP address;

  • The referring web page;

  • Debugging data; and

  • Other usage statistics.

This information helps us understand how users interact with our services, improve functionality, and ensure security and performance.


2.5 Customer Support and Service Requests

When you contact EVCloud for support or other service-related inquiries, we may retain records of your communications, including any information you provide in connection with your request. This helps us manage your request and improve customer service.


2.6 Information from Third Parties

We may also collect personal information about you from publicly available sources and third-party platforms such as LinkedIn, Facebook, Dribbble, and Twitter, where permitted by applicable laws.


2.7 Access to Your Content

In limited circumstances and only where legally permitted, EVCloud may access, view, or listen to your content (as defined in Section 1.2 of our Terms of Service) for the following purposes:

  1. To respond to support inquiries or feedback;

  2. To detect, prevent, or resolve fraud, security vulnerabilities, legal issues, or technical problems;

  3. To enforce our Terms of Service.


We do so with strict access controls and safeguards in place to protect your privacy and confidentiality.





3. Use of Collected Information


For individuals in the European Economic Area, our processing (i.e. use) of your Personal Information is justified on the following legal bases:

  1. The processing is necessary to perform an agreement with you or take steps to enter into an agreement at your request;

  2. The processing is necessary for us to comply with relevant legal obligations;

  3. The processing is in our legitimate interest, and this justified interest prevails over your privacy; and/or you have consented to the processing.


We collect your Personal Information to:

  1. Perform our agreement with you and with others;

  2. Process, evaluate, and complete certain transactions involving the Services;

  3. Operate, evaluate, maintain, improve, customize, and develop the Services (including by monitoring and analyzing trends, access to, and use of the Services for enhancing customer experience, security of our Services, advertising and marketing);

  4. Provide you with documentation, communications, or any other services you request;

  5. Correspond with you to resolve queries or complaints;

  6. Protect and ensure safety of our Intellectual Property Rights;

  7. Manage, protect against and investigate fraud, risk exposure, claims, and other liabilities, including but not limited to violation of our contract terms or (international) laws or regulations;

  8. Adhere to all our worldwide legal obligations.


We do not sell, rent, or lease your personal data to third parties. 




4. Security


At EVCloud, protecting your personal information is a priority. We implement and maintain appropriate technical and organizational measures to safeguard your data against unauthorized access, misuse, disclosure, alteration, unlawful destruction, or accidental loss.


All communications over our network are encrypted using Transport Layer Security (TLS). Financial transactions are processed exclusively through PCI-compliant third-party payment providers, and EVCloud does not store any financial or credit card information on its servers.


While we take commercially reasonable steps to protect your information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security and are not liable for unauthorized access beyond our control.


4.1 Personal Information Breach Notification

In the event of a personal data breach—defined as a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data—we will assess the risk to the rights and freedoms of natural persons.


If such a breach is likely to result in a risk to your rights and freedoms, EVCloud will notify the competent supervisory authority without undue delay and, where feasible, no later than 72 hours after becoming aware of the breach. If notification is not made within 72 hours, we will provide documented reasons for the delay. Where required, we will also inform affected individuals.



5. Retention of Data


We generally retain personal information for no longer than one year, unless you request earlier deletion.

In certain circumstances, we may retain specific personal information for longer periods to:

  • Comply with legal, tax, or accounting obligations;

  • Respond to legal processes, regulatory requirements, or requests from competent authorities;

  • Establish, exercise, or defend legal claims, including for the duration of applicable statutes of limitation.


Retaining information in these cases ensures accurate records for complaints, disputes, or investigations.



6. Minor(s)


Our Services are not intended for use by individuals under the age of 16. We do not knowingly collect, use, store, or share personal information from children under 16 years of age. If you are under 16, please do not submit any personal information through the Services, even if prompted to do so.


If we become aware that we have inadvertently collected personal information from a child under the age of 16, we will take steps to delete such information as soon as possible. If you are a parent or legal guardian and believe that your child has provided us with personal information, please contact us so we can remove the data promptly.



7. GDPR/EU Rights


Under the General Data Protection Regulation (GDPR), you have certain rights regarding your personal information. These include:

  1. Right of access – To obtain a copy of your personal information and details on how and why it is being processed.

  2. Right to rectification – To correct inaccurate or incomplete personal information.

  3. Right to erasure ("right to be forgotten") – To request the deletion of your personal information where it is no longer necessary for the purposes for which it was collected or processed. We aim to anonymize such data within 30 days of a valid deletion request.

  4. Right to restrict processing – To request limited use of your personal information in certain situations.

  5. Right to data portability – To receive your personal information in a structured, machine-readable format and transmit it to another controller, where processing is based on your consent or the performance of a contract.

  6. Right to withdraw consent – To withdraw your consent at any time, where we rely on consent to process your data.

  7. Right to information on international data transfers – To request information or a copy of the appropriate safeguards in place when your data is transferred outside the European Economic Area.

  8. Right to lodge a complaint – To file a complaint with a supervisory authority if you believe your data is not being processed in accordance with the GDPR. In the Netherlands, the supervisory authority is the Autoriteit Persoonsgegevens (www.autoriteitpersoonsgegevens.nl).


If you would like to exercise any of these rights or have questions about this Privacy Statement, please contact us at legal@envision.nl.


Please note that we may ask you to verify your identity before fulfilling your request. We reserve the right to charge a reasonable fee where permitted by law, especially in cases where requests are manifestly unfounded or excessive. We will respond within the time limits set by applicable data protection laws.




8. Third-Party Links Disclaimer


Our Services may contain links to third-party websites or services for your convenience or to enhance your experience. Please be aware that we do not control these third-party sites and are not responsible for their content, privacy practices, or the way they collect, use, or share your personal information.


We strongly encourage you to review the privacy policies and terms of use of any third-party websites before providing any personal data or interacting with their services. Your use of such websites is at your own risk, and we disclaim any liability for the actions, content, or data practices of third parties.



This Privacy Policy (“Policy”) explains how EVCloud (“we,” “us,” or “our”) collects, uses, and shares personal data (also referred to as personal information) of individuals outside our organization. This includes, but is not limited to, job applicants, customers, prospective customers, affiliates, website visitors, service providers, and their respective representatives (collectively referred to as “you” or “your”).


For clarity, this Policy does not apply to personal data collected by our customers through their use of EVCloud’s services to develop or operate their own websites, applications, databases, or other digital solutions (“Customer Applications”). In such cases, the customer is the data controller, and EVCloud acts solely as a data processor in accordance with our Data Processing Agreement (DPA).


For information regarding how personal data is handled in connection with a specific Customer Application, please contact the relevant customer or application operator directly.



1. Definitions


1.1 Customer Applications

Websites, applications, databases, or other digital solutions developed or operated by EVCloud's customers using EVCloud’s services.


1.2 Data Controller

The entity that determines the purposes and means of processing personal data. For data collected through Customer Applications, the customer acts as the data controller.


1.3 Data Processor

The entity that processes personal data on behalf of the data controller. EVCloud acts as a data processor for Customer Applications, processing data in accordance with the Data Processing Agreement (DPA).


1.4 Data Processing Agreement (DPA).

A contractual agreement between EVCloud and its customers that outlines the terms and conditions under which personal data is processed by EVCloud on behalf of the customer.



2. Personal data collection


We collect and use your personal information solely to provide access to and maintain the EVCloud application, and to communicate with you regarding our services.

If you choose to upload any documents or information to the EVCloud application, we treat the privacy and confidentiality of that content with the utmost care.

We do not share your personal information with third parties without your consent, except in the following circumstances:

  1. To fulfill a request you have made;

  2. Where necessary to enforce our Terms of Service, or to comply with applicable laws or legal obligations;

  3. To detect, prevent, or address fraud, security, or technical issues;

  4. To protect the rights, property, or safety of EVCloud, our users, or others.


As part of our standard business operations—including providing services to you, managing your account, and complying with applicable laws and regulations—we may collect and process your personal information. We will only use your information for the purposes described in this Privacy Statement and not for any unrelated purposes without your explicit consent.


2.1 Personal data you provide to us

When you use our services, we may ask you to provide certain personally identifiable information that can be used to contact or identify you. This may include, but is not limited to:

  • Basic user information, such as your name, email address, phone number, photograph, and social media avatar;

  • Company-related information; and

  • Any other information you choose to provide when creating an account, requesting support, or otherwise communicating with EVCloud.


2.2 Payment Information

EVCloud does not collect or process any financial information, such as credit card numbers, expiration dates, or security codes. All payment transactions are securely handled by our third-party payment provider, Stripe, Inc. For details on how Stripe handles your payment information, please refer to their Privacy Policy.


2.3 Sensitive Personal Data

We ask that you do not submit any sensitive personal information when using our services, communicating with us, or applying for a position at EVCloud. This includes, but is not limited to:

  • Social Security numbers or national ID numbers;

  • Health or medical data;

  • Racial or ethnic origin;

  • Political opinions;

  • Religious or philosophical beliefs;

  • Trade union membership;

  • Sexual orientation or sex life information.


EVCloud does not intentionally collect or process sensitive personal data and reserves the right to delete such data if submitted.


2.4 Personal data we collect automatically (service use)

Log Information. We automatically collect certain technical and usage information when you use our services. This may include details such as:

  • Browser type and version;

  • Device and machine identifiers;

  • Access dates and times;

  • Usage duration and frequency;

  • Application launches and pages viewed;

  • IP address;

  • The referring web page;

  • Debugging data; and

  • Other usage statistics.

This information helps us understand how users interact with our services, improve functionality, and ensure security and performance.


2.5 Customer Support and Service Requests

When you contact EVCloud for support or other service-related inquiries, we may retain records of your communications, including any information you provide in connection with your request. This helps us manage your request and improve customer service.


2.6 Information from Third Parties

We may also collect personal information about you from publicly available sources and third-party platforms such as LinkedIn, Facebook, Dribbble, and Twitter, where permitted by applicable laws.


2.7 Access to Your Content

In limited circumstances and only where legally permitted, EVCloud may access, view, or listen to your content (as defined in Section 1.2 of our Terms of Service) for the following purposes:

  1. To respond to support inquiries or feedback;

  2. To detect, prevent, or resolve fraud, security vulnerabilities, legal issues, or technical problems;

  3. To enforce our Terms of Service.


We do so with strict access controls and safeguards in place to protect your privacy and confidentiality.




3. Use of Collected Information


For individuals in the European Economic Area, our processing (i.e. use) of your Personal Information is justified on the following legal bases:

  1. The processing is necessary to perform an agreement with you or take steps to enter into an agreement at your request;

  2. The processing is necessary for us to comply with relevant legal obligations;

  3. The processing is in our legitimate interest, and this justified interest prevails over your privacy; and/or you have consented to the processing.


We collect your Personal Information to:

  1. Perform our agreement with you and with others;

  2. Process, evaluate, and complete certain transactions involving the Services;

  3. Operate, evaluate, maintain, improve, customize, and develop the Services (including by monitoring and analyzing trends, access to, and use of the Services for enhancing customer experience, security of our Services, advertising and marketing);

  4. Provide you with documentation, communications, or any other services you request;

  5. Correspond with you to resolve queries or complaints;

  6. Protect and ensure safety of our Intellectual Property Rights;

  7. Manage, protect against and investigate fraud, risk exposure, claims, and other liabilities, including but not limited to violation of our contract terms or (international) laws or regulations;

  8. Adhere to all our worldwide legal obligations.


We do not sell, rent, or lease your personal data to third parties. 




4. Security


At EVCloud, protecting your personal information is a priority. We implement and maintain appropriate technical and organizational measures to safeguard your data against unauthorized access, misuse, disclosure, alteration, unlawful destruction, or accidental loss.


All communications over our network are encrypted using Transport Layer Security (TLS). Financial transactions are processed exclusively through PCI-compliant third-party payment providers, and EVCloud does not store any financial or credit card information on its servers.


While we take commercially reasonable steps to protect your information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security and are not liable for unauthorized access beyond our control.


4.1 Personal Information Breach Notification

In the event of a personal data breach—defined as a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data—we will assess the risk to the rights and freedoms of natural persons.


If such a breach is likely to result in a risk to your rights and freedoms, EVCloud will notify the competent supervisory authority without undue delay and, where feasible, no later than 72 hours after becoming aware of the breach. If notification is not made within 72 hours, we will provide documented reasons for the delay. Where required, we will also inform affected individuals.



5. Retention of Data


We generally retain personal information for no longer than one year, unless you request earlier deletion.

In certain circumstances, we may retain specific personal information for longer periods to:

  • Comply with legal, tax, or accounting obligations;

  • Respond to legal processes, regulatory requirements, or requests from competent authorities;

  • Establish, exercise, or defend legal claims, including for the duration of applicable statutes of limitation.


Retaining information in these cases ensures accurate records for complaints, disputes, or investigations.



6. Minor(s)


Our Services are not intended for use by individuals under the age of 16. We do not knowingly collect, use, store, or share personal information from children under 16 years of age. If you are under 16, please do not submit any personal information through the Services, even if prompted to do so.


If we become aware that we have inadvertently collected personal information from a child under the age of 16, we will take steps to delete such information as soon as possible. If you are a parent or legal guardian and believe that your child has provided us with personal information, please contact us so we can remove the data promptly.



7. GDPR/EU Rights


Under the General Data Protection Regulation (GDPR), you have certain rights regarding your personal information. These include:

  1. Right of access – To obtain a copy of your personal information and details on how and why it is being processed.

  2. Right to rectification – To correct inaccurate or incomplete personal information.

  3. Right to erasure ("right to be forgotten") – To request the deletion of your personal information where it is no longer necessary for the purposes for which it was collected or processed. We aim to anonymize such data within 30 days of a valid deletion request.

  4. Right to restrict processing – To request limited use of your personal information in certain situations.

  5. Right to data portability – To receive your personal information in a structured, machine-readable format and transmit it to another controller, where processing is based on your consent or the performance of a contract.

  6. Right to withdraw consent – To withdraw your consent at any time, where we rely on consent to process your data.

  7. Right to information on international data transfers – To request information or a copy of the appropriate safeguards in place when your data is transferred outside the European Economic Area.

  8. Right to lodge a complaint – To file a complaint with a supervisory authority if you believe your data is not being processed in accordance with the GDPR. In the Netherlands, the supervisory authority is the Autoriteit Persoonsgegevens (www.autoriteitpersoonsgegevens.nl).


If you would like to exercise any of these rights or have questions about this Privacy Statement, please contact us at legal@envision.nl.


Please note that we may ask you to verify your identity before fulfilling your request. We reserve the right to charge a reasonable fee where permitted by law, especially in cases where requests are manifestly unfounded or excessive. We will respond within the time limits set by applicable data protection laws.




8. Third-Party Links Disclaimer


Our Services may contain links to third-party websites or services for your convenience or to enhance your experience. Please be aware that we do not control these third-party sites and are not responsible for their content, privacy practices, or the way they collect, use, or share your personal information.


We strongly encourage you to review the privacy policies and terms of use of any third-party websites before providing any personal data or interacting with their services. Your use of such websites is at your own risk, and we disclaim any liability for the actions, content, or data practices of third parties.